«

Andrew Poelstra said:

> On 2006-05-13, Richard Heathfield <> wrote:
>
>> And in any case, inventing a reasonably secure cryptosystem is, frankly,
>> trivial. The tricky bit is not the "technology" if that's the word, but
>> the usage - a great many ciphers are cracked not because they are
>> inherently weak but because they are misused.
>>
> True; of course, most people who hear that believe that ciphertext[i] =
> plaintext[i] ^ 5 is a "reasonably secure cryptosystem".

And so it is, provided nobody actually tries to crack it (which, again, is
true of most cryptosystems!).

When people do try to roll their own, it is sometimes embarrassing to see
just how quickly they can be broken. A guy I used to work with came up with
what he thought was an uncrackably complex scheme. He had spent several
days designing it. He gave me no algorithm, just some ciphertext, and it
took me about ten minutes. <sigh>

--
Richard Heathfield
"Usenet is a strange place" - dmr 29/7/1999
http://www.cpax.org.uk
email: rjh at above domain (but drop the www, obviously)

Martin Ambuhl wrote:
> wrote:
>> Could some C guru please help me? I have a simple piece of code as:
>>
>> #include <stdio.h>
>> #include <stdlib.h>
>> #include <openssl/rand.h>
>
> You're trying to get us into trouble, aren't you. Even if openssl were
> on topic here, or if your implementation-specific question were on
> topic, the language from the openssl site would scre me off:
>> PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY
>> SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING
>> TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME
>> PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR COUNTRY,
>> RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL SUGGESTIONS
>> OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE YOU ARE STRONGLY
>> ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT AND/OR USE LAWS
>> WHICH APPLY TO YOU. THE AUTHORS OF OPENSSL ARE NOT LIABLE FOR ANY
>> VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.

Why is this scary? It's just a typical "you cannot sue us" extension of
the BSD license. In reality there are only a few countries where this
would be a problem. A hint is that OpenSSL development having to do
with encryption is not done in those countries (and therefore, not
subject to export law). They ship from those countries "because they
can" (quote from the OpenSSL website).

Even in the US, as long as you do not export the software you write
based on strong crypto like OpenSSL you should be fine. It is not
illegal to code (yet). Most export laws are triggered once you try to
sell or provide software based on such tech to another country or agent
of another country.

However, the laws regarding such material are byzantine and subject to
broad interpretation. This warning is a just a YMMV.

Clever Monkey wrote:

> Why is this scary? It's just a typical "you cannot sue us" extension of
How about this:
>>> OR EVEN JUST EMAIL TECHNICAL SUGGESTIONS
> the BSD license.

The BSD license is irrelevant. We have a government in the US that is
technically challenged (so they don't understand the pointlessness of
these attempts to control information about cryptology) and with a will
to arrest on the slightest provocation.

> In reality there are only a few countries where this
> would be a problem.

"A few countries" are a serious problem with an uncontrolled medium like
a newsgroup.

> Even in the US, as long as you do not export the software you write
> based on strong crypto like OpenSSL you should be fine. It is not
> illegal to code (yet).

Please don't offer legal advice unless you are willing to be sued should
it go wrong. The original poster asked for technical suggestions. Are
you willing to bet your freedom and property that the government will
not come after people who answer him? Are you willing to bet your
freedom and property that this newsgroup does not reach those "few
countries" in which this could be a problem.

"Richard Heathfield" <> wrote in message
>> True; of course, most people who hear that believe that ciphertext[i] =
>> plaintext[i] ^ 5 is a "reasonably secure cryptosystem".
>
> And so it is, provided nobody actually tries to crack it (which, again, is
> true of most cryptosystems!).
>
> When people do try to roll their own, it is sometimes embarrassing to see
> just how quickly they can be broken. A guy I used to work with came up
> with
> what he thought was an uncrackably complex scheme. He had spent several
> days designing it. He gave me no algorithm, just some ciphertext, and it
> took me about ten minutes. <sigh>
>
But if you are scanning every email sent in the country, for the string "Mr
Vladimir orders three quarts of cheese", then those ten minutes are
prohibitive.
--
www.personal.leeds.ac.uk/~bgy1mm

On 2006-05-17, Malcolm <> wrote:
> "Richard Heathfield" <> wrote in message
>>> True; of course, most people who hear that believe that ciphertext[i] =
>>> plaintext[i] ^ 5 is a "reasonably secure cryptosystem".
>>
>> And so it is, provided nobody actually tries to crack it (which, again, is
>> true of most cryptosystems!).
>>
>> When people do try to roll their own, it is sometimes embarrassing to see
>> just how quickly they can be broken. A guy I used to work with came up
>> with
>> what he thought was an uncrackably complex scheme. He had spent several
>> days designing it. He gave me no algorithm, just some ciphertext, and it
>> took me about ten minutes. <sigh>
>>
> But if you are scanning every email sent in the country, for the string "Mr
> Vladimir orders three quarts of cheese", then those ten minutes are
> prohibitive.
Don't cut attribution lines; it took me five minutes to figure out that I
had made the post Richard replied to.

Once you crack a message, you can figure out the algorithm, and from there it
no longer takes 10 minutes per message.

--

Andrew Poelstra < http://www.wpsoftware.net/blog >

Malcolm said:

> "Richard Heathfield" <> wrote in message
>>> True; of course, most people who hear that believe that ciphertext[i] =
>>> plaintext[i] ^ 5 is a "reasonably secure cryptosystem".
>>
>> And so it is, provided nobody actually tries to crack it (which, again,
>> is true of most cryptosystems!).
>>
>> When people do try to roll their own, it is sometimes embarrassing to see
>> just how quickly they can be broken. A guy I used to work with came up
>> with
>> what he thought was an uncrackably complex scheme. He had spent several
>> days designing it. He gave me no algorithm, just some ciphertext, and it
>> took me about ten minutes. <sigh>
>>
> But if you are scanning every email sent in the country, for the string
> "Mr Vladimir orders three quarts of cheese", then those ten minutes are
> prohibitive.

Yes, but this was (almost) twenty years ago, by hand. With a computer, it
would have taken approximately three xesoseconds[1] to crack the code -
which, despite all its superficial complexity, was a mono.

Two common mistakes made by bozocryptographers are:

(1) they think that, to get the plaintext, the cryppies are required to
reverse-engineer the actual (secret) cryptosystem devised by the
cryptographer;
(2) they don't realise that two (or even a great many more than two)
substitution schemes are basically the same as one substitution scheme and
can be solved as if they were one.

Well, it was almost twenty years ago, so I think I've known enough Andrews
that I can call the guy Andrew (his real name) without fear of embarrassing
him. What Andrew had done was to set up a monoalphabetic substitution
cipher (A = R, B = K, C = Z, whatever). He had then replaced each letter by
an entire word beginning with that letter. He then replaced the word by a
picture representing the word. And he then replaced the picture by a
four-digit number. He thought there was no way I'd be able to even guess
that pictures were involved (which was true!), and that therefore I would
be unable to decipher the message (which was not!).



[1] abbrev for "oneofthosenewfangledprefixesoseconds"

--
Richard Heathfield
"Usenet is a strange place" - dmr 29/7/1999
http://www.cpax.org.uk
email: rjh at above domain (but drop the www, obviously)

On 2006-05-18, Andrew Poelstra <> wrote:
> On 2006-05-17, Malcolm <> wrote:
>> "Richard Heathfield" <> wrote in message
>>>> True; of course, most people who hear that believe that ciphertext[i] =
>>>> plaintext[i] ^ 5 is a "reasonably secure cryptosystem".
>>>
>>> And so it is, provided nobody actually tries to crack it (which, again, is
>>> true of most cryptosystems!).
>>>
>>> When people do try to roll their own, it is sometimes embarrassing to see
>>> just how quickly they can be broken. A guy I used to work with came up
>>> with
>>> what he thought was an uncrackably complex scheme. He had spent several
>>> days designing it. He gave me no algorithm, just some ciphertext, and it
>>> took me about ten minutes. <sigh>
>>>
>> But if you are scanning every email sent in the country, for the string "Mr
>> Vladimir orders three quarts of cheese", then those ten minutes are
>> prohibitive.
> Don't cut attribution lines; it took me five minutes to figure out that I
> had made the post Richard replied to.
>
> Once you crack a message, you can figure out the algorithm, and from there it
> no longer takes 10 minutes per message.

Assuming the secret is also the same for all the other messages - an
algorithm on its own buys you very little.

Richard Heathfield wrote:
> When people do try to roll their own, it is sometimes embarrassing to see
> just how quickly they can be broken. A guy I used to work with came up with
> what he thought was an uncrackably complex scheme. He had spent several
> days designing it. He gave me no algorithm, just some ciphertext, and it
> took me about ten minutes. <sigh>

But you are a genius. See:
http://groups.google.com/group/comp....05e5d339edec01